CVE-2026-3644

A control character validation flaw has been discovered in the Python http.cookie module. The Morsel.update, |= operator, and unpickling paths were not patched to resolve CVE-2026-0672, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output...

CVE-2026-30953

LinkAce is a self-hosted archive to collect website links. When a user creates a link via POST /links, the server fetches HTML metadata from the provided URL LinkRepository::create calls HtmlMeta::getFromUrl. The LinkStoreRequest validation rules do not include NoPrivateIpRule, allowing server-si...

PT-2026-24122

Name of the Vulnerable Software and Affected Versions Misskey versions 10.93.0 through 2026.3.0 Description Misskey is a federated social media platform. A flaw exists that allows importing data belonging to other users because of insufficient ownership validation. The potential impact is...

GHSA-595M-WC8G-6QGC WeKnora is Vulnerable to SSRF via Redirection

Summary The application's "Import document via URL" feature is vulnerable to Server-Side Request Forgery SSRF through HTTP redirects. While the backend implements comprehensive URL validation blocking private IPs, loopback addresses, reserved hostnames, and cloud metadata endpoints, it fails to...

PT-2026-27225

Summary ZIP extraction in OpenClaw could be raced into writing outside the intended destination directory via parent-directory symlink rebind between validation and write. Affected Packages / Versions - Package: openclaw npm - Vulnerable versions: = 2026.3.1 - Latest published vulnerable version...

CVE-2026-0704

In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...

PYSEC-2025-89

NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell cashubtc/nuts before 0.18.0 do not validate the size of preimage when the token is spent. The preimage is stored by the mint and attacker can exploit this vulnerability to fill the mint's db nd disk with arbitrary da...

PT-2025-46543

Name of the Vulnerable Software and Affected Versions LOGO! 12/24RCE 6ED1052-1MD08-0BA2 affected versions not specified LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 affected versions not specified LOGO! 230RCE 6ED1052-1FB08-0BA2 affected versions not specified LOGO! 230RCEo 6ED1052-2FB08-0BA2 affected...

CVE-2025-61235

An issue was discovered in Dataphone A920 v2025.07.161103. A custom packet based on public documentation can be crafted, where some fields can contain arbitrary or trivial data. Normally, such data should cause the device to reject the packet. However, due to a lack of validation, the device...

CVE-2025-7493 Freeipa: idm: privilege escalation from host to domain admin in freeipa

A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA...

CVE-2025-7493

A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA...

CVE-2021-26377

CVE-2021-26377 affects AMD Trusted OS (TOS) where insufficient parameter validation during process-space allocation can trigger an integer overflow, enabling a malicious userspace process to cause a denial of service. Affected products are tied to AMD Embedded Processors and related components; e...

User Impersonation

Overview Affected versions of this package are vulnerable to User Impersonation due to insufficient validation in the MsgCommitPubRandList handler, combined with a lack of domain separation in signed messages. An attacker can store an invalid PubRand commitment by crafting the message parameters ...

PT-2024-38632 · WordPress · Wp Hotel Booking

Name of the Vulnerable Software and Affected Versions: WP Hotel Booking plugin for WordPress versions up to, and including, 2.1.2 Description: The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update review function. This...

UBUNTU-CVE-2024-42154

In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: validate source addr length I don't see anything checking that TCPMETRICSATTRSADDRIPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all neither does it for IPv6 but v6 is manual...

PT-2024-4058 · Totolink · Totolink Lr350

Name of the Vulnerable Software and Affected Versions: TOTOLINK LR350 version V9.3.5u.6369 B20220309 Description: The issue is related to the NTPSyncWithHost function in the TOTOLINK LR350 router's firmware, which lacks input validation. This can be exploited by a remote attacker to execute...

CVE-2023-51557

Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...

Kofax Power PDF 安全漏洞

Kofax Power PDF is a professional PDF editing and management software from Kofax. A security vulnerability exists in Kofax Power PDF that stems from a specific flaw in the parsing of PDF files that lacks proper validation of user-supplied data, allowing a remote attacker to execute arbitrary code...

PT-2024-12424 · Cohesity · Cohesity Dataprotect

Name of the Vulnerable Software and Affected Versions: Cohesity DataProtect versions prior to 6.8.1 u5 Cohesity DataProtect versions prior to 7.1 Description: The issue is related to incorrect access control due to a lack of TLS Certificate Validation. Recommendations: For Cohesity DataProtect...

SUSE CVE-2021-29609

TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseAdd results in allowing attackers to exploit undefined behavior dereferencing null pointers as well as write outside of bounds of heap allocated data. The...